# Target Analysis Report --- **Selector:** `mafi-egypt.com` **Type:** `Root Domain Name` **Resolved IPs:** `162.241.252.116` --- # IP Address 1: 162.241.252.116 ``` [*] Found 'whois' executable at: /usr/bin/whois [*] Running system 'whois' command for 162.241.252.116... --- System WHOIS Output --- [Stdout] # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2025, American Registry for Internet Numbers, Ltd. # NetRange: 162.240.0.0 - 162.241.255.255 CIDR: 162.240.0.0/15 NetName: UNIFIEDLAYER-NETWORK-16 NetHandle: NET-162-240-0-0-1 Parent: NET162 (NET-162-0-0-0-0) NetType: Direct Allocation OriginAS: AS46606 Organization: Unified Layer (BLUEH-2) RegDate: 2013-08-22 Updated: 2013-08-22 Ref: https://rdap.arin.net/registry/ip/162.240.0.0 OrgName: Unified Layer OrgId: BLUEH-2 Address: 1958 South 950 East City: Provo StateProv: UT PostalCode: 84606 Country: US RegDate: 2006-08-08 Updated: 2025-02-20 Ref: https://rdap.arin.net/registry/entity/BLUEH-2 ReferralServer: rwhois://rwhois.unifiedlayer.com:4321 OrgNOCHandle: ENO74-ARIN OrgNOCName: EIG Network Operations OrgNOCPhone: +1-781-852-3200 OrgNOCEmail: eig-net-team@endurance.com OrgNOCRef: https://rdap.arin.net/registry/entity/ENO74-ARIN OrgAbuseHandle: NOC2320-ARIN OrgAbuseName: Network Operations Center OrgAbusePhone: +1-801-765-9400 OrgAbuseEmail: abuse@bluehost.com OrgAbuseRef: https://rdap.arin.net/registry/entity/NOC2320-ARIN OrgTechHandle: ENO74-ARIN OrgTechName: EIG Network Operations OrgTechPhone: +1-781-852-3200 OrgTechEmail: eig-net-team@endurance.com OrgTechRef: https://rdap.arin.net/registry/entity/ENO74-ARIN # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2025, American Registry for Internet Numbers, Ltd. # Found a referral to rwhois.unifiedlayer.com:4321. %rwhois V-1.5:000080:00 rwhois.unifiedlayer.com (by Unified Layer, V-1.0.0) network:Class-Name:network network:ID: NETBLK-UL.162.240.0.0/15 network:Auth-Area: 162.240.0.0/15 network:Network-Name: UL-162.240.0.0/15 network:IP-Network: 162.240.0.0/15 network:Organization: Unified Layer network:Tech-Contact: netops@unifiedlayer.com network:Admin-Contact: netops@unifiedlayer.com network:Abuse-Contact: abuse@unifiedlayer.com network:Created: 20121119 network:Updated: 20121119 network:Updated-By: netops@unifiedlayer.com %ok --------------------------- ``` **Stderr:** ``` *No standard error* ``` --- ## IP Geolocation Finder **Timestamp:** `20250616025816855` **Input:** `{"ip_address": "162.241.252.116"}` **Status:** `COMPLETE` **Stdout:** ``` [*] Checking IP: 162.241.252.116 [*] Geolocation Information: Country: United States (US) City: Unknown Latitude: 37.751 Longitude: -97.822 ISP: UNIFIEDLAYER-AS-1 ``` **Stderr:** ``` *No standard error* ``` --- ## IP to ASN Lookup **Timestamp:** `20250616025832763` **Input:** `{"ip_address": "162.241.252.116"}` **Status:** `COMPLETE` **Stdout:** ``` [*] Querying Team Cymru WHOIS for IP: 162.241.252.116... --- Team Cymru WHOIS Information --- AS : 46606 IP : 162.241.252.116 BGP Prefix : 162.241.252.0/22 CC : US Registry : arin Allocated : 2013-08-22 AS Name : UNIFIEDLAYER-AS-1, US ------------------------------------ ``` **Stderr:** ``` *No standard error* ``` --- ## IP to Nslookup **Timestamp:** `20250616025843615` **Input:** `{"ip_address": "162.241.252.116"}` **Status:** `COMPLETE` **Stdout:** ``` 116.252.241.162.in-addr.arpa name = box5709.bluehost.com. Authoritative answers can be found from: ``` **Stderr:** ``` *No standard error* ``` --- ## IP to Dig -x **Timestamp:** `20250616025854367` **Input:** `{"ip_address": "162.241.252.116"}` **Status:** `COMPLETE` **Stdout:** ``` ; <<>> DiG 9.18.30-0ubuntu0.22.04.2-Ubuntu <<>> -x 162.241.252.116 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8783 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;116.252.241.162.in-addr.arpa. IN PTR ;; ANSWER SECTION: 116.252.241.162.in-addr.arpa. 300 IN PTR box5709.bluehost.com. ;; Query time: 0 msec ;; SERVER: 169.254.78.1#53(169.254.78.1) (UDP) ;; WHEN: Mon Jun 16 02:59:02 UTC 2025 ;; MSG SIZE rcvd: 91 ``` **Stderr:** ``` *No standard error* ``` --- ## IP to Traceroute UDP **Timestamp:** `20250616025905327` **Input:** `{"ip_address": "162.241.252.116"}` **Status:** `COMPLETE` **Stdout:** ``` --- Remote PING Output via SSH (134.199.140.209) --- [Stdout] traceroute to 162.241.252.116 (162.241.252.116), 30 hops max, 60 byte packets 1 138.68.34.246 0.954 ms 138.68.34.248 0.935 ms 138.68.34.247 1.122 ms 2 143.244.192.76 1.130 ms 143.244.192.72 1.100 ms 1.132 ms 3 143.244.224.6 1.255 ms 1.199 ms 143.244.224.8 1.203 ms 4 143.244.224.3 1.192 ms 1.182 ms 143.244.224.13 1.149 ms 5 4.7.18.9 8.981 ms 8.969 ms 8.960 ms 6 4.69.219.50 20.595 ms 20.113 ms 20.111 ms 7 4.53.7.174 22.619 ms 22.898 ms 22.833 ms 8 69.195.64.113 22.463 ms 22.576 ms 22.537 ms 9 162.144.240.135 22.498 ms 162.144.240.123 22.481 ms 162.144.240.131 22.465 ms 10 162.241.252.116 22.452 ms 21.969 ms 21.939 ms ------------------------------------------------ ``` **Stderr:** ``` *No standard error* ``` --- ## CDN, Cloud, and WAF Detection **Timestamp:** `20250616025921213` **Input:** `{"domain_or_ip": "162.241.252.116"}` **Status:** `COMPLETE` **Stdout:** ``` *No standard output* ``` **Stderr:** ``` __ __ __ _________/ /___ _____/ /_ ___ _____/ /__ / ___/ __ / __ \/ ___/ __ \/ _ \/ ___/ //_/ / /__/ /_/ / / / / /__/ / / / __/ /__/ ,< \___/\__,_/_/ /_/\___/_/ /_/\___/\___/_/|_| projectdiscovery.io [INF] Current cdncheck version v1.1.16 (outdated) [INF] No results found. ``` --- ## Wise TCP Port Checker **Timestamp:** `20250616025931987` **Input:** `{"ip_address": "162.241.252.116", "tcp_ports": "80,443,22,8080,21,4567,23,53,143,110"}` **Status:** `COMPLETE` **Stdout:** ``` # Attempting to connect to 162.241.252.116:80... [+] Port 80 appears to be open. [-] No banner received immediately. Assuming HTTP or similar service. [*] Sending HTTP GET request... --- Request --- GET / HTTP/1.1 Host: 162.241.252.116 User-Agent: CCBot/2.0 Accept: */* Connection: close --------------- ## Received Response: HTTP/1.1 406 Not Acceptable Date: Mon, 16 Jun 2025 02:59:43 GMT Server: Apache Content-Length: 226 Connection: close Content-Type: text/html; charset=iso-8859-1 Not Acceptable!

Not Acceptable!

An appropriate representation of the requested resource could not be found on this server. This error was generated by Mod_Security.

# Attempting to connect to 162.241.252.116:443... [+] Port 443 appears to be open. [-] No banner received immediately. Assuming HTTP or similar service. [*] Sending HTTP GET request... --- Request --- GET / HTTP/1.1 Host: 162.241.252.116 User-Agent: CCBot/2.0 Accept: */* Connection: close --------------- ## Received Response: HTTP/1.1 302 Found Date: Mon, 16 Jun 2025 02:59:46 GMT Server: Apache X-Robots-Tag: noindex, nofollow Upgrade: h2,h2c Connection: Upgrade, close Location: http://www.explorefreeresults.com/?dn=box5709.bluehost.com&pid=5POJ5651L&spfwd=1 host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Content-Length: 0 Content-Type: text/html; charset=UTF-8 # Attempting to connect to 162.241.252.116:22... [+] Port 22 appears to be open. ## Received Banner: SSH-2.0-OpenSSH_7.4 # Attempting to connect to 162.241.252.116:8080... [-] Could not connect to 162.241.252.116:8080. Error: [Errno 111] Connection refused # Attempting to connect to 162.241.252.116:21... [+] Port 21 appears to be open. ## Received Banner: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 150 allowed. 220-Local time is now 20:59. Server port: 21. 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. # Attempting to connect to 162.241.252.116:4567... [-] Could not connect to 162.241.252.116:4567. Error: [Errno 111] Connection refused # Attempting to connect to 162.241.252.116:23... [-] Could not connect to 162.241.252.116:23. Error: [Errno 111] Connection refused # Attempting to connect to 162.241.252.116:53... [+] Port 53 appears to be open. [-] No banner received immediately. Assuming HTTP or similar service. [*] Sending HTTP GET request... --- Request --- GET / HTTP/1.1 Host: 162.241.252.116 User-Agent: CCBot/2.0 Accept: */* Connection: close --------------- [-] Timed out waiting for HTTP response. [-] No response received after GET request. # Attempting to connect to 162.241.252.116:143... [+] Port 143 appears to be open. ## Received Banner: * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. # Attempting to connect to 162.241.252.116:110... [+] Port 110 appears to be open. ## Received Banner: +OK Dovecot ready. ### --- Port Check Logic End --- ### ``` **Stderr:** ``` Command '/usr/bin/python3 app.py --ip_address 162.241.252.116 --tcp_ports 80,443,22,8080,21,4567,23,53,143,110' returned non-zero exit status 1. ``` ---